ELSA-2022-9669

ELSA-2022-9669 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-08-01

Description


[15:4.2.1-18.el7]
- block: introduce max_hw_iov for use in scsi-generic (Paolo Bonzini) [Orabug: 33785156]
- file-posix: try BLKSECTGET on block devices too, do not round to power of 2 (Paolo Bonzini) [Orabug: 33785156]
- block: add max_hw_transfer to BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- block-backend: align max_transfer to request alignment (Paolo Bonzini) [Orabug: 33785156]
- osdep: provide ROUND_DOWN macro (Paolo Bonzini) [Orabug: 33785156]
- scsi-generic: pass max_segments via max_iov field in BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- file-posix: fix max_iov for /dev/sg devices (Paolo Bonzini) [Orabug: 33785156]
- display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug: 34049511] {CVE-2021-4207}
- ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug: 34049509] {CVE-2021-4206}
- hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) (Philippe Mathieu-Daude) [Orabug: 32860387] {CVE-2021-3507}
- pc: q35: Bump max_cpus to 512 (Suravee Suthikulpanit) [Orabug: 34314249]
- tests/qtest: fix pvpanic-pci-test (Mark Kanda) [Orabug: 34284763]
- libqos: pci-pc: use 32-bit write for EJ register (Paolo Bonzini) [Orabug: 34284758]
- libqos: usb-hcd-ehci: use 32-bit write for config register (Paolo Bonzini) [Orabug: 34284768]
- target/i386/kvm: Fix disabling MPX on '-cpu host' with MPX-capable host (Maciej S. Szmigiero) [Orabug: 33528615]
- i386: Mask SVM features if nested SVM is disabled (Eduardo Habkost) [Orabug: 33860224]
- ide: Cap LBA28 capacity announcement to 2^28-1 (Samuel Thibault) [Orabug: 25327652]
- tests/acpi: update expected arm/virt tables (Mark Kanda) [Orabug: 34132842]


Related CVEs


CVE-2021-3507
CVE-2021-4206
CVE-2021-4207

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) qemu-4.2.1-18.el7.src.rpmdd0869c29e7302304e88704588bac7cf-
ivshmem-tools-4.2.1-18.el7.aarch64.rpm6da0d1e90c50fe272c7db58a13d4a249-
qemu-4.2.1-18.el7.aarch64.rpm254e9724d97582f209d2ddb8f8f60523-
qemu-block-gluster-4.2.1-18.el7.aarch64.rpmfab2110c1cc9ee492d98130daf11636d-
qemu-block-iscsi-4.2.1-18.el7.aarch64.rpm9efb2d7c59c9b056b644545b0ab5cebf-
qemu-block-rbd-4.2.1-18.el7.aarch64.rpm17c1fa268f03844f14feb7403eec9e6e-
qemu-common-4.2.1-18.el7.aarch64.rpm1590d8b25c58a6fd271a992283e2f3cf-
qemu-img-4.2.1-18.el7.aarch64.rpm89817bc381d17f107df0a2ec14f57a27-
qemu-kvm-4.2.1-18.el7.aarch64.rpm66533d4651a14714c68ab5dc86220c5a-
qemu-kvm-core-4.2.1-18.el7.aarch64.rpm1d00c463153f0b71d9803a1a838f0cf5-
qemu-system-aarch64-4.2.1-18.el7.aarch64.rpm4d8398515b372dd2c5e6fa6ef83dfd56-
qemu-system-aarch64-core-4.2.1-18.el7.aarch64.rpm08c22561f1ddf5928bb3b80556f6bb9d-
Oracle Linux 7 (x86_64) qemu-4.2.1-18.el7.src.rpmdd0869c29e7302304e88704588bac7cf-
qemu-4.2.1-18.el7.x86_64.rpm5ea8f27dec3bef2a9ccb393a4bb63158-
qemu-block-gluster-4.2.1-18.el7.x86_64.rpm1679c3e72f18a3f76ab5edad3e229c13-
qemu-block-iscsi-4.2.1-18.el7.x86_64.rpmca6c0f2c4033ccf056944cba51f4a527-
qemu-block-rbd-4.2.1-18.el7.x86_64.rpm337781ad6d4be993514e06b933ba14fb-
qemu-common-4.2.1-18.el7.x86_64.rpm9ee9247c7fad947b3be581996bbeb41e-
qemu-img-4.2.1-18.el7.x86_64.rpm7626f96dae77c185f0b1a784365a82a1-
qemu-kvm-4.2.1-18.el7.x86_64.rpm6b3972faa8bc3614073229e86847b2f3-
qemu-kvm-core-4.2.1-18.el7.x86_64.rpm66ea9ad09e01a75e1d97c47fc5f2d917-
qemu-system-x86-4.2.1-18.el7.x86_64.rpm022761b9fa7ab92503048e197bc5b35b-
qemu-system-x86-core-4.2.1-18.el7.x86_64.rpmd7ef8dbe3a0f4c2b61ee6cd8d3a6c895-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete